Skip to main content

Adding New User Accounts to MySQL

Step 1 - Create new MySQL user

MySQL create user

Nowadays security is more and more important even in case of smaller websites. As a lot of site uses some database so this is one point where we can make some improvements.

In this article we will work with MySQL on our goal is to create a new user in the database.

There are more ways how you can do this.

  • Using CREATE USER and/or GRANT commands
  • Inserting a new record into the mysql.user table

First let's see how to use the CREATE USER command. Here I have to mention that thi s command is available only in MySQL 5 (5.0.2) and newer releases. The syntax is the following: 

 CREATE USER user [IDENTIFIED BY [PASSWORD] 'password']

Here is an example:

Code: 
  1.  
  2. CREATE USER 'user1'@'localhost' IDENTIFIED BY 'pass1';
  3.  
Database F1

Now if you check the mysql.user table you can find a new record in it. Notice that all priviliges are set to No so this user can do nothing in the DB. To add some preiviliges we can use the GRANT command as follows:

Code: 
  1.  
  2. GRANT SELECT,INSERT,UPDATE,DELETE ON *.* TO 'user1'@'localhost';
  3.  
Database F1

Here we have added only the most important priviliges to the user. With the setting above this user is good to run a CMS or a blog, however with such settings this user is not able to install them as it can not create tables.

To add all priviliges to the user you don't have to list all of them but you can use the ALL shortcut as follows:

Code: 
  1.  
  2. GRANT ALL ON *.* TO 'user1'@'localhost';
  3.  
Database F1

You can create a new MySQL user in one step as well using again the GRANT command with a small extension as here:

Code: 
  1.  
  2. GRANT ALL ON *.* TO 'user2'@'localhost' IDENTIFIED BY 'pass1';
  3.  
Database F1

The above examples used dedicated commands, but sumtimes you maybe want to add a new MySQL user via directly editing the mysql.user table. In this case you just inserts a new record into the table with a normal INSERT command:

Code: 
  1.  
  2. INSERT INTO user (Host,User,Password)
  3.    VALUES('localhost','user3',PASSWORD('pass3'));
  4.  
Database F1

Or you can add some priviliges as well in a form like this:

Code: 
  1.  
  2. INSERT INTO user (Host,User,Password,Select_priv,Insert_priv)
  3.    VALUES('localhost','user4',PASSWORD('pass3'),'Y','Y');
  4.  
Database F1

That's it!

Comments

Post a Comment

Popular posts from this blog

How to Use Chisanbop (Korean Finger Math) for Basic Addition and Counting | eHow.com

How to Use Chisanbop (Korean Finger Math) for Basic Addition and Counting eHow.com Difficulty: Easy Instructions Step 1 In Chisanbop you'll be using your two hands and ten fingers to represent numbers from 0 to 99. Start out with your hands out in front of you with closed fists. This represents 0. Each finger (not thumb) on your right hand represents 1. To represent 3, just press down three right hand fingers. Your right thumb represents 5. To represent 7, press down your right thumb and 2 right hand fingers. Think of your right hand as the ones or units place (column). Step 2 Your left hand represents the tens place (column). Each finger on your left hand is worth 10. For example, to represent 30, press down three left hand fingers. To represent 38, do the same, but also use your right hand to represent 8 as described above. Your left thumb represents 50. To represent 86, press down your left thumb and three left hand fingers for the 80, and your right thumb and one righ...
Post a Comment
Read more
Should we allow our staff to use social networking sites? Some people say they are dangerous but I can't see how. Can you explain the dangers? > EXPERT RESPONSE There's nothing wrong with using Facebook, other than the potential impact on working time, but that's not a security matter! The issue is in how your staff configures Facebook, and what information they place on it. A few tips to pass on to your staff: Don't allow anyone that isn't part of your network of 'friends' to see your profile. Don't allow non-friends to see your friends. Why? I could easily impersonate one of your friends, fake a new profile, and send you an invite. You accept, thinking a genuine friend has created a new profile, then I'm in your network of friends and can see your profile. Think about what information is in your profile. What would be useful in stealing your identity? Date of birth, address, email address, employer, interests. why does this type of information n...
2 comments
Read more

Creative commons

Few Terms related to CC  - Commons :  The Commons refers to resources that are collectively owned. [1] This can include everything from land to software. [2] The process by which the commons are transformed into private property is often termed enclosure . [source : wikipedia ] The public domain (public ownership of creative works) is an intellectual property designation for the range of content that is not owned or controlled by anyone. These materials are "public property", and available for anyone to use freely (the "right to copy" [1] ) for any purpose. The public domain is most often discussed in contrast to works whose use is restricted by copyright . Under modern law, most original works of art, literature, music, etc. are covered by copyright from the time of their creation for a limited period of time (which varies by country). When the copyright expires, the work enters the public domain. The public domain can be defined in contrast to several f...
Post a Comment
Read more